CTFs

Cheat Sheets

Wireshark Cheat Sheet

Resources

Articles

• Capture The Flag (CTF) Resources For Beginners - Abdul Issa
• CTF Design Guidelines
• CTF Field Guide
• CTF Resources
• CTF Wiki
• Escaping the PyJail - Ludovic Barman
• HackTricks - Carlos Polop
• Infosec Tools
• Offensive Security Cheatsheet
• Online IT/Security Training
• Online Tools to crack CTF Contests
• picoCTF Primer
• pwny.cc
• The Many Maxims of Maximally Effective CTFs

GitHub repositories

• https://github.com/alphaSeclab/awesome-reverse-engineering
• apsdehal/awesome-ctf
• CTFs
• devploit/ctf-awesome-resources
• Hacking Lab
• how2heap
• RsaCtfTool - retreive private key from weak public key and/or uncipher data
• rsatool - rsatool can be used to calculate RSA and RSA-CRT parameters
• RSHack for CTF - Tool for RSA CTF's challenges
• Security Cheat Sheet

  • CMD
  • Metasploit
  • Reverse Shell
  • Wireshark
• zardus/ctf-tools

Offline Tools

• ImHex

Enumeration

• AutoRecon
• FinalRecon
• nmapAutomator
• Raccoon
• Reconbot
• RustScan
• Threader3000

Forensics

• Aircrack-ng - assess WiFi security
• bettercap - perform reconnaissance and attack WiFi networks, Bluetooth devices and IPv4/IPv6 networks
• capa - identify capabilities in executable files
• Detect It Easy - determines types of files
• The Sleuth Kit - analyse disk images and recover files
• volatility - memory forensics

Networking

• masscan
• Nmap

  • Cheat sheet
• Wireshark
• Zmap

Password Cracking

• BruteX
• hashcat

  • CrackerJack - Web GUI
  • GovCracker
  • hashcat.launcher - cross-platform app that runs and controls hashcat
  • hate_crack
• John the Ripper

  • Johnny - GUI frontend
• Ophcrack - Windows password cracker

Reconnaissance

• Bluto
• theHarvester

Reverse Engineering

• BARF - Binary Analysis and Reverse engineering Framework
• Boomerang - x86 to C decompiler
• FLARE Obfuscated String Solver - extract and deobfuscate all strings from malware binaries
• GDB - GNU Debugger

  • GEF - GDB Enhanced Features
  • pwndbg
• Ghidra - National Security Agency
• IDA Pro
• PLASMA - x86/ARM/MIPS disassembler

Online Tools

• FastPeopleSearch
• HexEd.it

Cryptography

• CrackStation - Online Password Hash Cracking

  • Password Cracking Dictionary (15 GB)
• CrypTool-Online
• dCode.xyz
• factordb
• Hash Decrypter
• Hash Type Identifier
• hashes.link
• MD5Hashing.net - Hash, hashing and encryption toolkit
• quipquip
• Substitution cipher decoder
• Vigenère Solver

Encoders / Decoders

• CyberChef
• Dencode
• JSfuck Decoder

Forensics

• InQuest Labs
• PacketTotal - A free, online PCAP analysis engine
• pcapfix - online pcap / pcapng repair service
• Simple Email Reputation
• VirusTotal - Analyse suspicious files, domains, IPs and URLs to detect malware and other breaches

Reverse Engineering

• androguard - Android apps
• apk2gold - Android apps
• Apktool - Android apps
• Java decompiler online
• Online Assembler and Disassembler
• OnlineGDB
• Resource Hacker - resource compiler/decompiler for Windows applications
• ROPgadget

Steganography

• Aperi'Solve
• StegCracker
• stegextract
• Steghide
• Stegsolve
• zsteg

Web Exploitation

• Burp Suite - web application security testing
• Commix - command injection exploitation tool
• dirsearch
• fimap - local/remote file injection audit tool
• gobuster - directory/file, DNS and VHost enumeration
• goWAPT
• Nikto - web server scanner
• Raccoon - vulnerability scanner
• Reverse Shell Generator
• sqlmap - automatic SQL injection tool
• SSL Server Test
• w3af - web application attack framework
• wfuzz
• XSSer - cross site scripter

Websites

• 316ctf - Anderson University
• CTFlearn
• CTFtime.org
• CTF Sites
• Exploit Education
• exploit-exercises.com
• Google CTF
• hackArcana
• ImaginaryCTF - Daily CTF Challenges for Everyone

  • Archived Challenges
• kCTF - Kubernetes-based infrastructure for CTF competitions
• KITCTF
• MetaCTF
• picoCTF